* and listen for requests (using my_svc_run)
*
*/
-#include "config.h"
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
#include <sys/types.h>
#include <sys/select.h>
#include <fcntl.h>
#include <errno.h>
#include <ctype.h>
+#include <pwd.h>
+#include <grp.h>
+#include <mntent.h>
#include "misc.h"
#include "nfslib.h"
#include "exportfs.h"
#include "mountd.h"
#include "xmalloc.h"
+#include "fsloc.h"
+
+#ifdef USE_BLKID
+#include "blkid/blkid.h"
+#endif
+
+
+enum nfsd_fsid {
+ FSID_DEV = 0,
+ FSID_NUM,
+ FSID_MAJOR_MINOR,
+ FSID_ENCODE_DEV,
+ FSID_UUID4_INUM,
+ FSID_UUID8,
+ FSID_UUID16,
+ FSID_UUID16_INUM,
+};
/*
* Support routines for text-based upcalls.
* Record is terminated with newline.
*
*/
-void cache_export_ent(char *domain, struct exportent *exp);
+int cache_export_ent(char *domain, struct exportent *exp, char *p);
char *lbuf = NULL;
qword_print(f, *client?client:"DEFAULT");
qword_eol(f);
- if (client && strcmp(ipaddr, client))
- mountlist_add(ipaddr, *client?client:"DEFAULT");
-
if (client) free(client);
}
+void auth_unix_gid(FILE *f)
+{
+ /* Request are
+ * uid
+ * reply is
+ * uid expiry count list of group ids
+ */
+ int uid;
+ struct passwd *pw;
+ gid_t glist[100], *groups = glist;
+ int ngroups = 100;
+ int rv, i;
+ char *cp;
+
+ if (readline(fileno(f), &lbuf, &lbuflen) != 1)
+ return;
+
+ cp = lbuf;
+ if (qword_get_int(&cp, &uid) != 0)
+ return;
+
+ pw = getpwuid(uid);
+ if (!pw)
+ rv = -1;
+ else {
+ rv = getgrouplist(pw->pw_name, pw->pw_gid, groups, &ngroups);
+ if (rv == -1 && ngroups >= 100) {
+ groups = malloc(sizeof(gid_t)*ngroups);
+ if (!groups)
+ rv = -1;
+ else
+ rv = getgrouplist(pw->pw_name, pw->pw_gid,
+ groups, &ngroups);
+ }
+ }
+ qword_printint(f, uid);
+ qword_printint(f, time(0)+30*60);
+ if (rv >= 0) {
+ qword_printint(f, ngroups);
+ for (i=0; i<ngroups; i++)
+ qword_printint(f, groups[i]);
+ }
+ qword_eol(f);
+ if (groups != glist)
+ free(groups);
+}
+
+#if USE_BLKID
+int get_uuid(char *path, char *uuid, int uuidlen, char *u)
+{
+ /* extract hex digits from uuidstr and compose a uuid
+ * of the given length (max 16), xoring bytes to make
+ * a smaller uuid. Then compare with uuid
+ */
+ int i = 0;
+ const char *val;
+
+ if (path) {
+ static blkid_cache cache = NULL;
+ struct stat stb;
+ char *devname;
+ blkid_tag_iterate iter;
+ blkid_dev dev;
+ const char *type;
+ if (cache == NULL)
+ blkid_get_cache(&cache, NULL);
+
+ blkid_probe_all_new(cache);
+
+ if (stat(path, &stb) != 0)
+ return 0;
+ devname = blkid_devno_to_devname(stb.st_dev);
+ if (!devname)
+ return 0;
+ dev = blkid_get_dev(cache, devname, BLKID_DEV_NORMAL);
+ free(devname);
+ if (!dev)
+ return 0;
+ iter = blkid_tag_iterate_begin(dev);
+ if (!iter)
+ return 0;
+ while (blkid_tag_next(iter, &type, &val) == 0)
+ if (strcmp(type, "UUID") == 0)
+ break;
+ blkid_tag_iterate_end(iter);
+ if (!type)
+ return 0;
+ } else {
+ val = uuid;
+ }
+
+ memset(u, 0, uuidlen);
+ for ( ; *val ; val++) {
+ char c = *val;
+ if (!isxdigit(c))
+ continue;
+ if (isalpha(c)) {
+ if (isupper(c))
+ c = c - 'A' + 10;
+ else
+ c = c - 'a' + 10;
+ } else
+ c = c - '0' + 0;
+ if ((i&1) == 0)
+ c <<= 4;
+ u[i/2] ^= c;
+ i++;
+ if (i == uuidlen*2)
+ i = 0;
+ }
+ return 1;
+}
+#endif
+
+/* Iterate through /etc/mtab, finding mountpoints
+ * at or below a given path
+ */
+static char *next_mnt(void **v, char *p)
+{
+ FILE *f;
+ struct mntent *me;
+ int l = strlen(p);
+ if (*v == NULL) {
+ f = setmntent("/etc/mtab", "r");
+ *v = f;
+ } else
+ f = *v;
+ while ((me = getmntent(f)) != NULL &&
+ (strncmp(me->mnt_dir, p, l) != 0 ||
+ me->mnt_dir[l] != '/'))
+ ;
+ if (me == NULL) {
+ endmntent(f);
+ *v = NULL;
+ return NULL;
+ }
+ return me->mnt_dir;
+}
+
void nfsd_fh(FILE *f)
{
/* request are:
int fsidlen;
unsigned int dev, major=0, minor=0;
unsigned int inode=0;
+ unsigned long long inode64;
unsigned int fsidnum=0;
char fsid[32];
struct exportent *found = NULL;
+ char *found_path = NULL;
nfs_export *exp;
int i;
int dev_missing = 0;
+ int uuidlen = 0;
+ char *fhuuid = NULL;
if (readline(fileno(f), &lbuf, &lbuflen) != 1)
return;
goto out;
if (qword_get_int(&cp, &fsidtype) != 0)
goto out;
- if (fsidtype < 0 || fsidtype > 1)
+ if (fsidtype < 0 || fsidtype > 7)
goto out; /* unknown type */
if ((fsidlen = qword_get(&cp, fsid, 32)) <= 0)
goto out;
switch(fsidtype) {
- case 0: /* 4 bytes: 2 major, 2 minor, 4 inode */
+ case FSID_DEV: /* 4 bytes: 2 major, 2 minor, 4 inode */
if (fsidlen != 8)
goto out;
memcpy(&dev, fsid, 4);
minor = ntohl(dev) & 0xFFFF;
break;
- case 1: /* 4 bytes - fsid */
+ case FSID_NUM: /* 4 bytes - fsid */
if (fsidlen != 4)
goto out;
memcpy(&fsidnum, fsid, 4);
break;
+
+ case FSID_MAJOR_MINOR: /* 12 bytes: 4 major, 4 minor, 4 inode
+ * This format is never actually used but was
+ * an historical accident
+ */
+ if (fsidlen != 12)
+ goto out;
+ memcpy(&dev, fsid, 4); major = ntohl(dev);
+ memcpy(&dev, fsid+4, 4); minor = ntohl(dev);
+ memcpy(&inode, fsid+8, 4);
+ break;
+
+ case FSID_ENCODE_DEV: /* 8 bytes: 4 byte packed device number, 4 inode */
+ /* This is *host* endian, not net-byte-order, because
+ * no-one outside this host has any business interpreting it
+ */
+ if (fsidlen != 8)
+ goto out;
+ memcpy(&dev, fsid, 4);
+ memcpy(&inode, fsid+4, 4);
+ major = (dev & 0xfff00) >> 8;
+ minor = (dev & 0xff) | ((dev >> 12) & 0xfff00);
+ break;
+
+ case FSID_UUID4_INUM: /* 4 byte inode number and 4 byte uuid */
+ if (fsidlen != 8)
+ goto out;
+ memcpy(&inode, fsid, 4);
+ uuidlen = 4;
+ fhuuid = fsid+4;
+ break;
+ case FSID_UUID8: /* 8 byte uuid */
+ if (fsidlen != 8)
+ goto out;
+ uuidlen = 8;
+ fhuuid = fsid;
+ break;
+ case FSID_UUID16: /* 16 byte uuid */
+ if (fsidlen != 16)
+ goto out;
+ uuidlen = 16;
+ fhuuid = fsid;
+ break;
+ case FSID_UUID16_INUM: /* 8 byte inode number and 16 byte uuid */
+ if (fsidlen != 24)
+ goto out;
+ memcpy(&inode64, fsid, 8);
+ inode = inode64;
+ uuidlen = 16;
+ fhuuid = fsid+8;
+ break;
}
auth_reload();
/* Now determine export point for this fsid/domain */
for (i=0 ; i < MCL_MAXTYPES; i++) {
- for (exp = exportlist[i]; exp; exp = exp->m_next) {
+ nfs_export *next_exp;
+ for (exp = exportlist[i]; exp; exp = next_exp) {
struct stat stb;
+ char u[16];
+ char *path;
+
+ if (exp->m_export.e_flags & NFSEXP_CROSSMOUNT) {
+ static nfs_export *prev = NULL;
+ static void *mnt = NULL;
+
+ if (prev == exp) {
+ /* try a submount */
+ path = next_mnt(&mnt, exp->m_export.e_path);
+ if (!path) {
+ next_exp = exp->m_next;
+ prev = NULL;
+ continue;
+ }
+ next_exp = exp;
+ } else {
+ prev = exp;
+ mnt = NULL;
+ path = exp->m_export.e_path;
+ next_exp = exp;
+ }
+ } else {
+ path = exp->m_export.e_path;
+ next_exp = exp->m_next;
+ }
if (!client_member(dom, exp->m_client->m_hostname))
continue;
exp->m_export.e_mountpoint:
exp->m_export.e_path))
dev_missing ++;
- if (stat(exp->m_export.e_path, &stb) != 0)
+ if (stat(path, &stb) != 0)
continue;
- if (fsidtype == 1 &&
- ((exp->m_export.e_flags & NFSEXP_FSID) == 0 ||
- exp->m_export.e_fsid != fsidnum))
+ if (!S_ISDIR(stb.st_mode) && !S_ISREG(stb.st_mode)) {
continue;
- if (fsidtype == 0) {
+ }
+ switch(fsidtype){
+ case FSID_DEV:
+ case FSID_MAJOR_MINOR:
+ case FSID_ENCODE_DEV:
if (stb.st_ino != inode)
continue;
if (major != major(stb.st_dev) ||
minor != minor(stb.st_dev))
continue;
+ break;
+ case FSID_NUM:
+ if (((exp->m_export.e_flags & NFSEXP_FSID) == 0 ||
+ exp->m_export.e_fsid != fsidnum))
+ continue;
+ break;
+ case FSID_UUID4_INUM:
+ case FSID_UUID16_INUM:
+ if (stb.st_ino != inode)
+ continue;
+ goto check_uuid;
+ case FSID_UUID8:
+ case FSID_UUID16:
+ if (!is_mountpoint(path))
+ continue;
+ check_uuid:
+#if USE_BLKID
+ if (exp->m_export.e_uuid)
+ get_uuid(NULL, exp->m_export.e_uuid,
+ uuidlen, u);
+ else if (get_uuid(path, NULL,
+ uuidlen, u) == 0)
+ continue;
+
+ if (memcmp(u, fhuuid, uuidlen) != 0)
+ continue;
+ break;
+#else
+ continue;
+#endif
}
/* It's a match !! */
- if (!found)
+ if (!found) {
found = &exp->m_export;
- else if (strcmp(found->e_path, exp->m_export.e_path)!= 0)
+ found_path = strdup(path);
+ } else if (strcmp(found->e_path, exp->m_export.e_path)!= 0)
{
xlog(L_WARNING, "%s and %s have same filehandle for %s, using first",
- found->e_path, exp->m_export.e_path, dom);
+ found_path, path, dom);
}
}
}
}
if (found)
- cache_export_ent(dom, found);
+ if (cache_export_ent(dom, found, found_path) < 0)
+ found = 0;
qword_print(f, dom);
qword_printint(f, fsidtype);
qword_printhex(f, fsid, fsidlen);
- qword_printint(f, time(0)+30*60);
+ /* The fsid -> path lookup can be quite expensive as it
+ * potentially stats and reads lots of devices, and some of those
+ * might have spun-down. The Answer is not likely to
+ * change underneath us, and an 'exportfs -f' can always
+ * remove this from the kernel, so use a really log
+ * timeout. Maybe this should be configurable on the command
+ * line.
+ */
+ qword_printint(f, 0x7fffffff);
if (found)
qword_print(f, found->e_path);
qword_eol(f);
return;
}
+static void write_fsloc(FILE *f, struct exportent *ep, char *path)
+{
+ struct servers *servers;
+
+ if (ep->e_fslocmethod == FSLOC_NONE)
+ return;
+
+ servers = replicas_lookup(ep->e_fslocmethod, ep->e_fslocdata, path);
+ if (!servers)
+ return;
+ qword_print(f, "fsloc");
+ qword_printint(f, servers->h_num);
+ if (servers->h_num >= 0) {
+ int i;
+ for (i=0; i<servers->h_num; i++) {
+ qword_print(f, servers->h_mp[i]->h_host);
+ qword_print(f, servers->h_mp[i]->h_path);
+ }
+ }
+ qword_printint(f, servers->h_referral);
+ release_replicas(servers);
+}
+
+static int dump_to_cache(FILE *f, char *domain, char *path, struct exportent *exp)
+{
+ qword_print(f, domain);
+ qword_print(f, path);
+ qword_printint(f, time(0)+30*60);
+ if (exp) {
+ qword_printint(f, exp->e_flags);
+ qword_printint(f, exp->e_anonuid);
+ qword_printint(f, exp->e_anongid);
+ qword_printint(f, exp->e_fsid);
+ write_fsloc(f, exp, path);
+#if USE_BLKID
+ if (exp->e_uuid == NULL) {
+ char u[16];
+ if (get_uuid(path, NULL, 16, u)) {
+ qword_print(f, "uuid");
+ qword_printhex(f, u, 16);
+ }
+ } else if (exp->e_uuid) {
+ qword_print(f, "uuid");
+ qword_printhex(f, exp->e_uuid, 16);
+ }
+#endif
+ }
+ return qword_eol(f);
+}
+
void nfsd_export(FILE *f)
{
/* requests are:
int i;
char *dom, *path;
nfs_export *exp, *found = NULL;
+ int found_type = 0;
if (readline(fileno(f), &lbuf, &lbuflen) != 1)
for (exp = exportlist[i]; exp; exp = exp->m_next) {
if (!client_member(dom, exp->m_client->m_hostname))
continue;
- if (strcmp(path, exp->m_export.e_path))
+ if (exp->m_export.e_flags & NFSEXP_CROSSMOUNT) {
+ /* if path is a mountpoint below e_path, then OK */
+ int l = strlen(exp->m_export.e_path);
+ if (strcmp(path, exp->m_export.e_path) == 0 ||
+ (strncmp(path, exp->m_export.e_path, l) == 0 &&
+ path[l] == '/' &&
+ is_mountpoint(path)))
+ /* ok */;
+ else
+ continue;
+ } else if (strcmp(path, exp->m_export.e_path) != 0)
continue;
- if (!found)
+ if (!found) {
found = exp;
- else {
- xlog(L_WARNING, "%s exported to both %s and %s in %s",
- path, exp->m_client->m_hostname, found->m_client->m_hostname,
+ found_type = i;
+ continue;
+ }
+ /* If one is a CROSSMOUNT, then prefer the longest path */
+ if (((found->m_export.e_flags & NFSEXP_CROSSMOUNT) ||
+ (found->m_export.e_flags & NFSEXP_CROSSMOUNT)) &&
+ strlen(found->m_export.e_path) !=
+ strlen(found->m_export.e_path)) {
+
+ if (strlen(exp->m_export.e_path) >
+ strlen(found->m_export.e_path)) {
+ found = exp;
+ found_type = i;
+ }
+ continue;
+
+ } else if (found_type == i && found->m_warned == 0) {
+ xlog(L_WARNING, "%s exported to both %s and %s, "
+ "arbitrarily choosing options from first",
+ path, found->m_client->m_hostname, exp->m_client->m_hostname,
dom);
+ found->m_warned = 1;
}
}
}
- qword_print(f, dom);
- qword_print(f, path);
- qword_printint(f, time(0)+30*60);
if (found) {
- qword_printint(f, found->m_export.e_flags);
- qword_printint(f, found->m_export.e_anonuid);
- qword_printint(f, found->m_export.e_anongid);
- qword_printint(f, found->m_export.e_fsid);
- mountlist_add(dom, path);
+ if (dump_to_cache(f, dom, path, &found->m_export) < 0) {
+ xlog(L_WARNING,
+ "Cannot export %s, possibly unsupported filesystem"
+ " or fsid= required", path);
+ dump_to_cache(f, dom, path, NULL);
+ } else
+ mountlist_add(dom, path);
+ } else {
+ dump_to_cache(f, dom, path, NULL);
}
- qword_eol(f);
out:
if (dom) free(dom);
if (path) free(path);
FILE *f;
} cachelist[] = {
{ "auth.unix.ip", auth_unix_ip},
+ { "auth.unix.gid", auth_unix_gid},
{ "nfsd.export", nfsd_export},
{ "nfsd.fh", nfsd_fh},
{ NULL, NULL }
};
+extern int manage_gids;
void cache_open(void)
{
int i;
- for (i=0; cachelist[i].cache_name; i++ ){
+ for (i=0; cachelist[i].cache_name; i++ ) {
char path[100];
+ if (!manage_gids && cachelist[i].cache_handle == auth_unix_gid)
+ continue;
sprintf(path, "/proc/net/rpc/%s/channel", cachelist[i].cache_name);
cachelist[i].f = fopen(path, "r+");
}
* % echo $domain $path $[now+30*60] $options $anonuid $anongid $fsid > /proc/net/rpc/nfsd.export/channel
*/
-void cache_export_ent(char *domain, struct exportent *exp)
+int cache_export_ent(char *domain, struct exportent *exp, char *path)
{
-
+ int err;
FILE *f = fopen("/proc/net/rpc/nfsd.export/channel", "w");
if (!f)
- return;
+ return -1;
- qword_print(f, domain);
- qword_print(f, exp->e_path);
- qword_printint(f, time(0)+30*60);
- qword_printint(f, exp->e_flags);
- qword_printint(f, exp->e_anonuid);
- qword_printint(f, exp->e_anongid);
- qword_printint(f, exp->e_fsid);
- qword_eol(f);
+ err = dump_to_cache(f, domain, exp->e_path, exp);
+ if (err) {
+ xlog(L_WARNING,
+ "Cannot export %s, possibly unsupported filesystem or"
+ " fsid= required", exp->e_path);
+ }
+ mountlist_add(domain, exp->e_path);
- fclose(f);
+ while (err == 0 && (exp->e_flags & NFSEXP_CROSSMOUNT) && path) {
+ /* really an 'if', but we can break out of
+ * a 'while' more easily */
+ /* Look along 'path' for other filesystems
+ * and export them with the same options
+ */
+ struct stat stb;
+ int l = strlen(exp->e_path);
+ int dev;
+
+ if (strlen(path) <= l || path[l] != '/' ||
+ strncmp(exp->e_path, path, l) != 0)
+ break;
+ if (stat(exp->e_path, &stb) != 0)
+ break;
+ dev = stb.st_dev;
+ while(path[l] == '/') {
+ char c;
+ /* errors for submount should fail whole filesystem */
+ int err2;
+
+ l++;
+ while (path[l] != '/' && path[l])
+ l++;
+ c = path[l];
+ path[l] = 0;
+ err2 = lstat(path, &stb);
+ path[l] = c;
+ if (err2 < 0)
+ break;
+ if (stb.st_dev == dev)
+ continue;
+ dev = stb.st_dev;
+ path[l] = 0;
+ dump_to_cache(f, domain, path, exp);
+ path[l] = c;
+ }
+ break;
+ }
- mountlist_add(domain, exp->e_path);
+ fclose(f);
+ return err;
}
-void cache_export(nfs_export *exp)
+int cache_export(nfs_export *exp, char *path)
{
+ int err;
FILE *f;
f = fopen("/proc/net/rpc/auth.unix.ip/channel", "w");
if (!f)
- return;
+ return -1;
qword_print(f, "nfsd");
qword_print(f, inet_ntoa(exp->m_client->m_addrlist[0]));
qword_printint(f, time(0)+30*60);
qword_print(f, exp->m_client->m_hostname);
- qword_eol(f);
+ err = qword_eol(f);
fclose(f);
- if (strcmp(inet_ntoa(exp->m_client->m_addrlist[0]), exp->m_client->m_hostname))
- mountlist_add(inet_ntoa(exp->m_client->m_addrlist[0]), exp->m_client->m_hostname);
-
- cache_export_ent(exp->m_client->m_hostname, &exp->m_export);
+ err = cache_export_ent(exp->m_client->m_hostname, &exp->m_export, path)
+ || err;
+ return err;
}
/* Get a filehandle.
qword_print(f, exp->m_client->m_hostname);
qword_print(f, p);
qword_printint(f, len);
- qword_eol(f);
+ failed = qword_eol(f);
- failed = (fgets(buf, sizeof(buf), f) == NULL);
+ if (!failed)
+ failed = (fgets(buf, sizeof(buf), f) == NULL);
fclose(f);
if (failed)
return NULL;
memset(fh.fh_handle, 0, sizeof(fh.fh_handle));
- fh.fh_size = qword_get(&bp, fh.fh_handle, NFS3_FHSIZE);
+ fh.fh_size = qword_get(&bp, (char *)fh.fh_handle, NFS3_FHSIZE);
return &fh;
}
projects / nfs-utils.git / blobdiff